Level 43

This article is meant for people, like me, who are On-The-Go (OTG) whereby preventing MITM attacks in the use of unsecured public WiFi network is important. Before we discuss the PROS and CONS of the two(2) devices let’s discuss some issues the OTG user faces when surfing at public WiFi hotspots

I do not own a portable VPN router for now so I can only review their specs, gather info from net reviews and put up answers by the VPN router providers. I might consider having one in the near future.

1) Why the need to use a portable VPN router when you can just use a normal VPN service?

If you use a VPN service you should be aware that when you make a WiFi connection with your laptop/tablet it’s the WiFi that’s connected first before your VPN gets connected. The VPN may take a few seconds to some minutes to connect. During this small window of time when you are not protected many things can take place like

a) Software phoning home to check and auto download latest version and definitions
b) Emails auto downloaded to your desktop email client
c) Auto-syncing between your computer and to the cloud/home

However, if you have a portable VPN router you’ll be isolated from the public WiFi network before the VPN gets connected. Here’s how the connection being made

First, you connect the portable VPN router to the public WiFi network to establish the VPN connection

Portable VPN router ==> public WiFi network

After the portable VPN router made its VPN connection then you tether your laptop/tablet using WiFi to the portable VPN router

Laptop/tablet ==> portable VPN router

If the VPN is NOT connected the portable VPN router acts as a Kill Switch for your laptop/tablet will not be able to connect to it and, therefore, no connection being made to the public WiFi network. Hence, you are isolated from the net in this manner as compared to having a normal VPN service and protected from MITM attacks when your VPN is not connected.

The greatest advantage in using a portable VPN router is that it sits between and provides a means to isolate the laptop/tablet from the public WiFi network and protects the user from MITM attacks.

However, there are caveats in using a portable VPN router.

Firstly, there are not many such VPN routers in the market to choose from. Keezel, InvizBox Go, Anonabox, Betterspot, Flter, Tiny Hardware Firewall Client etc are some and not all are available for purchase now.

Secondly, their max speed is about 25Mbps (due to the use of a less powerful ARM CPU) and with its overhead it suffers a greater speed drop so they are not meant for heavy downloading, fast speed, online gaming etc. Simply put, they are not designed for the aforementioned uses.

Thirdly, you’ll need to pay for the device and its VPN subscription. In addition, you’ll have to carry one more device on-the-go.

Fourth. Good privacy VPN service will depend on which VPN provider(s) it uses and, likely, you are also not able to use ALL the servers of the VPN provider(s).

The fifth thing is the limited features in the hardware itself like no support for WiFi ac, no dual-band WiFi support, non-replaceable battery, not able to connect to all public WiFi hotspots due to the way signing-in is done like using password/username+password/handphone number etc

3) Are there other ways to protect from MITM attacks when using public WiFi network?

Yes, there are if you don’t require such a portable VPN router. However, a VPN is still required to protect you when surfing at unsecured public WiFi hotspots. Below are some ways you can do it

a) Tether your laptop to connect to a portable mobile MiFi hotspot modem(or use your smartphone) using 4G LTE. This is a safer alternative to using an unsecured public WiFi network i.e. can surf from anywhere vs at fixed WiFi hotspots which are targets for eavesdropping and hacking. But this consumes your mobile data.

b) Start up in a virtual environment to protect ALL data/apps and leave the host OS, which has nothing to leak, to connect to the public WiFi network

c) Use of a software firewall and configure to default-deny all incoming/outgoing connections and only allow those you want to connect in/out. However, monitoring outbound access and creating rules are not easy, time-consuming and tedious.

d) Stop using services which automatically connects to the net when WiFi is connected like

i) Use web-based emails instead of desktop email client
ii) Use cloud-based AV/AM with no signatures to download instead of AV/AM which requires signature downloading
iii) Disable automatic updating in OS/software and do manual update instead
iv) Disable automatic syncing in software and do manual syncing
v) If not using a software firewall then can consider using Hacker Deterrent Pro to block/allow outgoing connections

Lastly, one point to note in the use of public WiFi network. Some public WiFi has time limit usage which cuts off the WiFi and requires the user to re-log in after a specified time period. Some will not play well if you are connected using a VPN and will try to cut you off. If you experience frequent cut offs by the provider of the public WiFi network you can try using the free Netcut Defender software or similar software.

Level 43

As mentioned there are not many portable VPN routers on the market and the Keezel and Invizbox Go shows the most promising of all.

KEEZEL

PROS

1) 16 hour battery life with 7000mAh capacity
2) Battery can be user replaceable – Keezel is working to make this happen
3) Can use the battery to charge your smartphone and it can be charged externally using a power bank besides AC charging
4) Access geo restricted sites
5) Works with WiFi/LAN/4G
6) Uses dual-band 2.4 & 5GHz WiFi b/g/n
7) Has ad-blocking/anti-phishing features for its Premium Plan
8) Can use a USB-to-Ethernet adapter to connect to an Ethernet (LAN) port
9) Can sign in to sites using username/password and mobile phone number
10) Uses PureVPN(Hong Kong)+ProXPN(Netherlands)+Le VPN(Hong Kong) providers.
11) Speed-wise PureVPN performs better than IPVanish VPN provider by Invizbox Go

CONS

1) The Keezel is NOT available now and is back ordered
2) PureVPN uses fake server locations, have connection leaks, keeps session logs and the other 2 VPN providers don’t fare well on ThatOnePrivacySite too.
3) Size is LxWxH(121x81x34) and weighs 200gm. Not slim and due to its oval shape it’s inconvenient to keep as compared to Invizbox Go
4) No Tor support
5) Keezel’s privacy policy don’t look good as it collects ordering/payment info (no anonymous payment methods acceptable) and it uses cookies to collect info on your surfing behavior. Also, collects data usage, will reveal your identity and data collected if forced to do so by the law and, also, to transfer your personal data to third parties if that is necessary for them to fulfil their obligations toward you.
6) No WiFi ac as it uses only a dual-core ARM CPU
7) Max download speed of about 20Mbps so not suitable for torrenting/gaming/heavy downloading
8) Not ALL server locations by the VPN providers are made available to the Keezel user for now although ALL the servers are available on Keezel’s Premium Plan. Keezel has yet to activate ALL the servers.
9) Currently, the Keezel only works with its VPN service. Even if you have a separate subscription with any of the mentioned VPN providers it’ll not work with the Keezel.

1) It’s available for purchase NOW
2) Supports Tor and “pluggable transport”.
3) Has ad-blocker, can block Win10’s tracking domain and can access geo-restricted sites.
4) Built-in HTTP Everywhere.
5) Open source software
6) Comes with WiFi extender mode
7) Act as a battery bank (5000mAh) to charge your smartphone and can be externally powered by a battery bank besides using AC
8) Uses a 880MHz dual-core CPU and MediaTek MT7621 chipset.
9) Max WiFi download speed of 25Mbps
10) Size is 125x70x12.5mm
11) Slim and easier to keep than the Keezel
12) Automatic updating of firmware.
13) No DNS leak/IP leak/WebRTC leak as tested
14) IPVanish VPN provider do not keep log
15) You can now configure the Invizbox Go to work with your VPN service if you know how to do it. It’s on the roadmap of InvizBox to provide such a feature through a firmware update later on if you are not prepared to configure the device.

CONS

1) 10-hour battery life with 5000mAh capacity
2) Supports 2.4GHz WiFi b/g/n only.
3) No WiFi ac support
4) Weighs 300gm
5) Battery is soldered down so non-replaceable
6) IPVanish VPN provider is US-based
7) IPVanish’s speed performance is not as impressive as PureVPN
8) Can only choose either VPN or Tor and not both
9) It can get hot when charging or if highly utilised so have to use in a well-ventilated space or aircon environment.
10) Only 90% of the IPVanish servers are available to the InvizBox Go user
11) Cannot sign in to Public WiFi sites which require Username (only Password allowed).
12) Cannot use a USB-to-Ethernet adapter to connect to an Ethernet(LAN) port - InvizBox is working on this to add as a new feature
13) InvizBox Go’s privacy policy don’t look too good either. Collects ordering and payment information (no anonymous payment methods acceptable). Will only share your personal details with third parties when necessary for them to process payments to you, or if obliged to do so legally by court order.

We use cookies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audience is coming from.
By continuing to use this site, you are consenting to our use of cookies.